Tuesday, February 10, 2009

So in the last post I blogged about a cool tool that our super hero, evil Bob, might use to find wireless networks when out with his super fantastic iPhone. Well after tracking down those pesky open networks I image the next thing Bob might want to do is look a bit deeper into a particular network. Well a great iPhone application for doing so is called Snap, and it works like this.

Bob is out and about with his trusty iPhone and he stumbles across an open wifi network. Bob being Bob, he connects to the network and gets himself an IP address, so far so good. But his curiosity gets the better of him and he wonders what else is on the network with him. So he fires up Snap and kicks of a scan.

Snap scans picks up the subnet that Bob is on and automatically scans for live hosts. After a second or two Bob sees a list of who else is on the network with him.

Interesting. Well Bob could leave it at that. After all, his curiosity is nearly satisfied, but not quite. He feels the urge to see what the other hosts on the network are doing, just to be sure that they are alright and not up to no good. So he drills down a bit further and takes a look at the Ubuntu VM.

Well Bob wouldn't be called nosey Bob if he didn't then go ahead and do a little port scan would he.

What do you know. VNC and a web server. That's just great. now Bob is satisfied. He knows who's on the network and now he has had a little poke around and he know what they are doing.

But hang on. Bob just remembered that old saying, "hard on the outside and soft on the inside" . Well maybe just before he goes he should put that to the test. He fires up his iPhone VNC client and tries a few common passwords.

And after a couple of attempts he gets lucky with......you guessed it "Password".